Статус: Активный участник
Группы: Участники
Зарегистрирован: 27.04.2016(UTC)
Сообщений: 108
Сказал(а) «Спасибо»: 9 раз
Поблагодарили: 1 раз в 1 постах
|
Здравствуйте! Подскажите пожалуйста, как вы проверяется подпись "SIGNED_BY_SMEV" в ответе на запрос "GetResponseRequest". У меня на Java постоянно ругается на "Verify signature on XML XMLSignatureException: The Reference for URI #SIGNED_BY_SMEV has no XMLSignatureInput" Привер: Код: private static final QName QNAME_SIGNATURE = new QName("http://www.w3.org/2000/09/xmldsig#", "Signature", "ds");
private static final String SIGNATURE_NOT_FOUND = "Signature not found!";
private static final String SIGNATURE_NOT_VALID = "Signature not valid";
private static final String SMEV_SIGNATURE_PASSED_CORE_VALIDATION = "SmevSignature passed core validation";
private static final String VERIFY_SIGNATURE_ON_XML_IO_EXCEPTION = "Verify signature on XML IOException: ";
private static final String VERIFY_SIGNATURE_ON_XML_PARSER_CONFIGURATION_EXCEPTION = "Verify signature on XML ParserConfigurationException: ";
private static final String VERIFY_SIGNATURE_ON_XML_SAX_EXCEPTION = "Verify signature on XML SAXException: ";
private static final String VERIFY_SIGNATURE_ON_XML_XML_SIGNATURE_EXCEPTION = "Verify signature on XML XMLSignatureException: ";
private static final String VERIFY_SIGNATURE_ON_XML_XML_SECURITY_EXCEPTION = "Verify signature on XML XMLSecurityException: ";
private static final String ID = "Id";
boolean coreValidity = true;
try {
DocumentBuilderFactory bf = DocumentBuilderFactory.newInstance();
bf.setNamespaceAware(true);
DocumentBuilder b = bf.newDocumentBuilder();
Document doc = b.parse(new File("C:/Temp/Test.xml"));
NodeList sigs = doc.getElementsByTagNameNS(QNAME_SIGNATURE.getNamespaceURI(), QNAME_SIGNATURE.getLocalPart());
org.apache.xml.security.signature.XMLSignature sig = null;
sigSearch: {
for (int i = 0; i < sigs.getLength(); i++) {
Element sigElement = (Element) sigs.item(i);
String sigId = sigElement.getAttribute(ID);
if (sigId != null) {
sig = new org.apache.xml.security.signature.XMLSignature(sigElement, "");
break sigSearch;
}
}
throw new XMLSignatureVerificationException(SIGNATURE_NOT_FOUND);
}
org.apache.xml.security.keys.KeyInfo ki = (org.apache.xml.security.keys.KeyInfo) sig.getKeyInfo();
X509Certificate certificate = ki.getX509Certificate();
if (!sig.checkSignatureValue(certificate.getPublicKey())) {
coreValidity = false;
LOGGER.log(Level.INFO, SIGNATURE_NOT_VALID);
} else {
LOGGER.log(Level.INFO, String.format(SMEV_SIGNATURE_PASSED_CORE_VALIDATION));
}
} catch (IOException e) {
throw new XMLSignatureVerificationException(VERIFY_SIGNATURE_ON_XML_IO_EXCEPTION + ExceptionUtils.getStackTrace(e));
} catch (ParserConfigurationException e) {
throw new XMLSignatureVerificationException(VERIFY_SIGNATURE_ON_XML_PARSER_CONFIGURATION_EXCEPTION + ExceptionUtils.getStackTrace(e));
} catch (SAXException e) {
throw new XMLSignatureVerificationException(VERIFY_SIGNATURE_ON_XML_SAX_EXCEPTION + ExceptionUtils.getStackTrace(e));
} catch (org.apache.xml.security.signature.XMLSignatureException e) {
throw new XMLSignatureVerificationException(VERIFY_SIGNATURE_ON_XML_XML_SIGNATURE_EXCEPTION + ExceptionUtils.getStackTrace(e));
} catch (XMLSecurityException e) {
throw new XMLSignatureVerificationException(VERIFY_SIGNATURE_ON_XML_XML_SECURITY_EXCEPTION + ExceptionUtils.getStackTrace(e));
}
return coreValidity;
P.S.: Копирую текст из файла вставляю https://smev3.gosuslugi.ru/portal/checkxmlform.jsp - все успешно проходит. Отредактировано пользователем 18 сентября 2018 г. 9:58:13(UTC)
| Причина: Не указана
|
|
|
|
|
|
Статус: Сотрудник
Группы: Участники
Зарегистрирован: 06.12.2008(UTC) Сообщений: 3,919  Откуда: Крипто-Про Сказал(а) «Спасибо»: 20 раз
Поблагодарили: 688 раз в 649 постах
|
Здравствуйте. Приложите образец документа для проверки. Примеры проверки XML документов есть в samples.jar, в папках JCPxml, xmlSign. |
|
|
|
|
|
|
Статус: Активный участник
Группы: Участники
Зарегистрирован: 27.04.2016(UTC)
Сообщений: 108
Сказал(а) «Спасибо»: 9 раз
Поблагодарили: 1 раз в 1 постах
|
Автор: Евгений Афанасьев  Здравствуйте. Приложите образец документа для проверки. Примеры проверки XML документов есть в samples.jar, в папках JCPxml, xmlSign. Код:<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:SendRequestResponse xmlns="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/basic/1.2" xmlns:ns2="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/1.2" xmlns:ns3="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/faults/1.2"><ns2:MessageMetadata Id="SIGNED_BY_SMEV"><ns2:MessageId>2cbaf714-bb17-11e8-855b-99bab6a0e000</ns2:MessageId><ns2:MessageType>REQUEST</ns2:MessageType><ns2:Sender><ns2:Mnemonic>966101_3T</ns2:Mnemonic></ns2:Sender><ns2:SendingTimestamp>2018-09-18T10:48:04.000+03:00</ns2:SendingTimestamp><ns2:Recipient><ns2:Mnemonic>emu</ns2:Mnemonic></ns2:Recipient><ns2:Status>requestIsQueued</ns2:Status></ns2:MessageMetadata><ns2:SMEVSignature><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411"/><ds:Reference URI="#SIGNED_BY_SMEV"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:Transform Algorithm="urn://smev-gov-ru/xmldsig/transform"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr3411"/><ds:DigestValue>0whNgrtZb62iwzjOe3+kCQRRgdN8l6DQW3AoJjIPSxc=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>hQjNldVzD7bZMWd803Ot5aBzGBPvN1gDXukm4La/CWkr0vw61iYMEOciNdip7+D9Wfzw2JSSPu3Ju1bHPRvFrQ==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIH2DCCB4egAwIBAgIRAXILAVZQAHCj6BHaIfbqMnEwCAYGKoUDAgIDMIIBRjEYMBYGBSqFA2QBEg0xMjM0NTY3ODkwMTIzMRowGAYIKoUDA4EDAQESDDAwMTIzNDU2Nzg5MDEpMCcGA1UECQwg0KHRg9GJ0LXQstGB0LrQuNC5INCy0LDQuyDQtC4gMjYxFzAVBgkqhkiG9w0BCQEWCGNhQHJ0LnJ1MQswCQYDVQQGEwJSVTEYMBYGA1UECAwPNzcg0JzQvtGB0LrQstCwMRUwEwYDVQQHDAzQnNC+0YHQutCy0LAxJDAiBgNVBAoMG9Ce0JDQniDQoNC+0YHRgtC10LvQtdC60L7QvDEwMC4GA1UECwwn0KPQtNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDRhtC10L3RgtGAMTQwMgYDVQQDDCvQotC10YHRgtC+0LLRi9C5INCj0KYg0KDQotCaICjQoNCi0JvQsNCx0YEpMB4XDTE4MDMwNzA3Mjc1M1oXDTE5MDMwNzA3Mzc1M1owggELMR8wHQYJKoZIhvcNAQkCDBDQotCh0JzQrdCSM1/QmtCaMRowGAYIKoUDA4EDAQESDDAwNzcwNzA0OTM4ODEYMBYGBSqFA2QBEg0xMDI3NzAwMTk4NzY3MSgwJgYDVQQKDB/Qn9CQ0J4gwqvQoNC+0YHRgtC10LvQtdC60L7QvMK7MSYwJAYDVQQHDB3QodCw0L3QutGCLdCf0LXRgtC10YDQsdGD0YDQszEpMCcGA1UECAwgNzgg0KHQsNC90LrRgi3Qn9C10YLQtdGA0LHRg9GA0LMxCzAJBgNVBAYTAlJVMSgwJgYDVQQDDB/Qn9CQ0J4gwqvQoNC+0YHRgtC10LvQtdC60L7QvMK7MGMwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEDQwAEQMC71XesoJAavwGJgMlhlPywcaFx3HYPwMUIYBhtoglDW3BhQUzgIXFQ6uvD7FUshBl38VH+AXZM/BkzGGzpzFSjggSDMIIEfzAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0OBBYEFItxgSnIqbor48DVSfsV11JpIwXDMIIBiAYDVR0jBIIBfzCCAXuAFD7vGT8PuXmw8eYpIaPkuZW5pe6QoYIBTqSCAUowggFGMRgwFgYFKoUDZAESDTEyMzQ1Njc4OTAxMjMxGjAYBggqhQMDgQMBARIMMDAxMjM0NTY3ODkwMSkwJwYDVQQJDCDQodGD0YnQtdCy0YHQutC40Lkg0LLQsNC7INC0LiAyNjEXMBUGCSqGSIb3DQEJARYIY2FAcnQucnUxCzAJBgNVBAYTAlJVMRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxFTATBgNVBAcMDNCc0L7RgdC60LLQsDEkMCIGA1UECgwb0J7QkNCeINCg0L7RgdGC0LXQu9C10LrQvtC8MTAwLgYDVQQLDCfQo9C00L7RgdGC0L7QstC10YDRj9GO0YnQuNC5INGG0LXQvdGC0YAxNDAyBgNVBAMMK9Ci0LXRgdGC0L7QstGL0Lkg0KPQpiDQoNCi0JogKNCg0KLQm9Cw0LHRgSmCEQFyCwFWUAC5s+cRzzq+NHegMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMEMB0GA1UdIAQWMBQwCAYGKoUDZHEBMAgGBiqFA2RxAjArBgNVHRAEJDAigA8yMDE4MDMwNzA3Mjc1M1qBDzIwMTkwMzA3MDcyNzUzWjCCATQGBSqFA2RwBIIBKTCCASUMKyLQmtGA0LjQv9GC0L7Qn9GA0L4gQ1NQIiAo0LLQtdGA0YHQuNGPIDMuOSkMLCLQmtGA0LjQv9GC0L7Qn9GA0L4g0KPQpiIgKNCy0LXRgNGB0LjQuCAyLjApDGPQodC10YDRgtC40YTQuNC60LDRgiDRgdC+0L7RgtCy0LXRgtGB0YLQstC40Y8g0KTQodCRINCg0L7RgdGB0LjQuCDihJYg0KHQpC8xMjQtMjUzOSDQvtGCIDE1LjAxLjIwMTUMY9Ch0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC0YHRgtCy0LjRjyDQpNCh0JEg0KDQvtGB0YHQuNC4IOKEliDQodCkLzEyOC0yODgxINC+0YIgMTIuMDQuMjAxNjA2BgUqhQNkbwQtDCsi0JrRgNC40L/RgtC+0J/RgNC+IENTUCIgKNCy0LXRgNGB0LjRjyAzLjkpMGUGA1UdHwReMFwwWqBYoFaGVGh0dHA6Ly9jZXJ0ZW5yb2xsLnRlc3QuZ29zdXNsdWdpLnJ1L2NkcC8zZWVmMTkzZjBmYjk3OWIwZjFlNjI5MjFhM2U0Yjk5NWI5YTVlZTkwLmNybDBXBggrBgEFBQcBAQRLMEkwRwYIKwYBBQUHMAKGO2h0dHA6Ly9jZXJ0ZW5yb2xsLnRlc3QuZ29zdXNsdWdpLnJ1L2NkcC90ZXN0X2NhX3J0bGFiczIuY2VyMAgGBiqFAwICAwNBAAfuLimwLO1RNL+ekh4hgnPu+yyLSiF2xGN4yZqWeA4d5VKU2zxveBMmSb4nvJFZ/3Qod1aQDdlgTRObLhKnEO8=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></ns2:SMEVSignature></ns2:SendRequestResponse></soap:Body></soap:Envelope>
|
|
|
|
|
|
Статус: Активный участник
Группы: Участники
Зарегистрирован: 27.04.2016(UTC)
Сообщений: 108
Сказал(а) «Спасибо»: 9 раз
Поблагодарили: 1 раз в 1 постах
|
Подскажите пожалуйста как все-таки на java проверить подпись "SIGNED_BY_SMEV" в ответе на запрос "GetResponseRequest" СМЭВ3.
|
|
|
|
|
|
Статус: Сотрудник
Группы: Участники
Зарегистрирован: 06.12.2008(UTC) Сообщений: 3,919 Откуда: Крипто-Про Сказал(а) «Спасибо»: 20 раз
Поблагодарили: 688 раз в 649 постах
|
Вот так проверилась: Код:
private static final String XML = "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\"><soap:Body><ns2:SendRequestResponse xmlns=\"urn://x-artefacts-smev-gov-ru/services/message-exchange/types/basic/1.2\" xmlns:ns2=\"urn://x-artefacts-smev-gov-ru/services/message-exchange/types/1.2\" xmlns:ns3=\"urn://x-artefacts-smev-gov-ru/services/message-exchange/types/faults/1.2\"><ns2:MessageMetadata Id=\"SIGNED_BY_SMEV\"><ns2:MessageId>2cbaf714-bb17-11e8-855b-99bab6a0e000</ns2:MessageId><ns2:MessageType>REQUEST</ns2:MessageType><ns2:Sender><ns2:Mnemonic>966101_3T</ns2:Mnemonic></ns2:Sender><ns2:SendingTimestamp>2018-09-18T10:48:04.000+03:00</ns2:SendingTimestamp><ns2:Recipient><ns2:Mnemonic>emu</ns2:Mnemonic></ns2:Recipient><ns2:Status>requestIsQueued</ns2:Status></ns2:MessageMetadata><ns2:SMEVSignature><ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/><ds:SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411\"/><ds:Reference URI=\"#SIGNED_BY_SMEV\"><ds:Transforms><ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/><ds:Transform Algorithm=\"urn://smev-gov-ru/xmldsig/transform\"/></ds:Transforms><ds:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#gostr3411\"/><ds:DigestValue>0whNgrtZb62iwzjOe3+kCQRRgdN8l6DQW3AoJjIPSxc=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>hQjNldVzD7bZMWd803Ot5aBzGBPvN1gDXukm4La/CWkr0vw61iYMEOciNdip7+D9Wfzw2JSSPu3Ju1bHPRvFrQ==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIH2DCCB4egAwIBAgIRAXILAVZQAHCj6BHaIfbqMnEwCAYGKoUDAgIDMIIBRjEYMBYGBSqFA2QBEg0xMjM0NTY3ODkwMTIzMRowGAYIKoUDA4EDAQESDDAwMTIzNDU2Nzg5MDEpMCcGA1UECQwg0KHRg9GJ0LXQstGB0LrQuNC5INCy0LDQuyDQtC4gMjYxFzAVBgkqhkiG9w0BCQEWCGNhQHJ0LnJ1MQswCQYDVQQGEwJSVTEYMBYGA1UECAwPNzcg0JzQvtGB0LrQstCwMRUwEwYDVQQHDAzQnNC+0YHQutCy0LAxJDAiBgNVBAoMG9Ce0JDQniDQoNC+0YHRgtC10LvQtdC60L7QvDEwMC4GA1UECwwn0KPQtNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDRhtC10L3RgtGAMTQwMgYDVQQDDCvQotC10YHRgtC+0LLRi9C5INCj0KYg0KDQotCaICjQoNCi0JvQsNCx0YEpMB4XDTE4MDMwNzA3Mjc1M1oXDTE5MDMwNzA3Mzc1M1owggELMR8wHQYJKoZIhvcNAQkCDBDQotCh0JzQrdCSM1/QmtCaMRowGAYIKoUDA4EDAQESDDAwNzcwNzA0OTM4ODEYMBYGBSqFA2QBEg0xMDI3NzAwMTk4NzY3MSgwJgYDVQQKDB/Qn9CQ0J4gwqvQoNC+0YHRgtC10LvQtdC60L7QvMK7MSYwJAYDVQQHDB3QodCw0L3QutGCLdCf0LXRgtC10YDQsdGD0YDQszEpMCcGA1UECAwgNzgg0KHQsNC90LrRgi3Qn9C10YLQtdGA0LHRg9GA0LMxCzAJBgNVBAYTAlJVMSgwJgYDVQQDDB/Qn9CQ0J4gwqvQoNC+0YHRgtC10LvQtdC60L7QvMK7MGMwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEDQwAEQMC71XesoJAavwGJgMlhlPywcaFx3HYPwMUIYBhtoglDW3BhQUzgIXFQ6uvD7FUshBl38VH+AXZM/BkzGGzpzFSjggSDMIIEfzAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0OBBYEFItxgSnIqbor48DVSfsV11JpIwXDMIIBiAYDVR0jBIIBfzCCAXuAFD7vGT8PuXmw8eYpIaPkuZW5pe6QoYIBTqSCAUowggFGMRgwFgYFKoUDZAESDTEyMzQ1Njc4OTAxMjMxGjAYBggqhQMDgQMBARIMMDAxMjM0NTY3ODkwMSkwJwYDVQQJDCDQodGD0YnQtdCy0YHQutC40Lkg0LLQsNC7INC0LiAyNjEXMBUGCSqGSIb3DQEJARYIY2FAcnQucnUxCzAJBgNVBAYTAlJVMRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxFTATBgNVBAcMDNCc0L7RgdC60LLQsDEkMCIGA1UECgwb0J7QkNCeINCg0L7RgdGC0LXQu9C10LrQvtC8MTAwLgYDVQQLDCfQo9C00L7RgdGC0L7QstC10YDRj9GO0YnQuNC5INGG0LXQvdGC0YAxNDAyBgNVBAMMK9Ci0LXRgdGC0L7QstGL0Lkg0KPQpiDQoNCi0JogKNCg0KLQm9Cw0LHRgSmCEQFyCwFWUAC5s+cRzzq+NHegMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMEMB0GA1UdIAQWMBQwCAYGKoUDZHEBMAgGBiqFA2RxAjArBgNVHRAEJDAigA8yMDE4MDMwNzA3Mjc1M1qBDzIwMTkwMzA3MDcyNzUzWjCCATQGBSqFA2RwBIIBKTCCASUMKyLQmtGA0LjQv9GC0L7Qn9GA0L4gQ1NQIiAo0LLQtdGA0YHQuNGPIDMuOSkMLCLQmtGA0LjQv9GC0L7Qn9GA0L4g0KPQpiIgKNCy0LXRgNGB0LjQuCAyLjApDGPQodC10YDRgtC40YTQuNC60LDRgiDRgdC+0L7RgtCy0LXRgtGB0YLQstC40Y8g0KTQodCRINCg0L7RgdGB0LjQuCDihJYg0KHQpC8xMjQtMjUzOSDQvtGCIDE1LjAxLjIwMTUMY9Ch0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC0YHRgtCy0LjRjyDQpNCh0JEg0KDQvtGB0YHQuNC4IOKEliDQodCkLzEyOC0yODgxINC+0YIgMTIuMDQuMjAxNjA2BgUqhQNkbwQtDCsi0JrRgNC40L/RgtC+0J/RgNC+IENTUCIgKNCy0LXRgNGB0LjRjyAzLjkpMGUGA1UdHwReMFwwWqBYoFaGVGh0dHA6Ly9jZXJ0ZW5yb2xsLnRlc3QuZ29zdXNsdWdpLnJ1L2NkcC8zZWVmMTkzZjBmYjk3OWIwZjFlNjI5MjFhM2U0Yjk5NWI5YTVlZTkwLmNybDBXBggrBgEFBQcBAQRLMEkwRwYIKwYBBQUHMAKGO2h0dHA6Ly9jZXJ0ZW5yb2xsLnRlc3QuZ29zdXNsdWdpLnJ1L2NkcC90ZXN0X2NhX3J0bGFiczIuY2VyMAgGBiqFAwICAwNBAAfuLimwLO1RNL+ekh4hgnPu+yyLSiF2xGN4yZqWeA4d5VKU2zxveBMmSb4nvJFZ/3Qod1aQDdlgTRObLhKnEO8=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></ns2:SMEVSignature></ns2:SendRequestResponse></soap:Body></soap:Envelope>";
public static void main(String[] args) throws Exception {
if(!JCPXMLDSigInit.isInitialized()) {
JCPXMLDSigInit.init();
} // if
Transform.register(SmevTransformSpi.ALGORITHM_URN, SmevTransformSpi.class);
final XPathFactory factory = XPathFactory.newInstance();
final XPath xpath = factory.newXPath();
DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
dbFactory.setNamespaceAware(true);
Document document = dbFactory.newDocumentBuilder().parse(
new ByteArrayInputStream(XML.getBytes()));
XPathExpression pathExpression = xpath.compile("//*[local-name()='Signature' and namespace-uri()='http://www.w3.org/2000/09/xmldsig#']");
NodeList signatureNodes = (NodeList) pathExpression.evaluate(document, XPathConstants.NODESET);
if (signatureNodes.getLength() == 0) {
throw new Exception("Signature node not found");
} // if
Element signatureElement = (Element) signatureNodes.item(0);
final XMLSignature signature = new XMLSignature(signatureElement, "");
final KeyInfo ki = signature.getKeyInfo();
final X509Certificate certKey = ki.getX509Certificate();
System.out.println("Valid: " + signature.checkSignatureValue(certKey.getPublicKey()));
}
|
|
 2 пользователей поблагодарили Евгений Афанасьев за этот пост.
|
|
|
|
Статус: Активный участник
Группы: Участники
Зарегистрирован: 27.04.2016(UTC)
Сообщений: 108
Сказал(а) «Спасибо»: 9 раз
Поблагодарили: 1 раз в 1 постах
|
Автор: Евгений Афанасьев Вот так проверилась: Код:
private static final String XML = "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\"><soap:Body><ns2:SendRequestResponse xmlns=\"urn://x-artefacts-smev-gov-ru/services/message-exchange/types/basic/1.2\" xmlns:ns2=\"urn://x-artefacts-smev-gov-ru/services/message-exchange/types/1.2\" xmlns:ns3=\"urn://x-artefacts-smev-gov-ru/services/message-exchange/types/faults/1.2\"><ns2:MessageMetadata Id=\"SIGNED_BY_SMEV\"><ns2:MessageId>2cbaf714-bb17-11e8-855b-99bab6a0e000</ns2:MessageId><ns2:MessageType>REQUEST</ns2:MessageType><ns2:Sender><ns2:Mnemonic>966101_3T</ns2:Mnemonic></ns2:Sender><ns2:SendingTimestamp>2018-09-18T10:48:04.000+03:00</ns2:SendingTimestamp><ns2:Recipient><ns2:Mnemonic>emu</ns2:Mnemonic></ns2:Recipient><ns2:Status>requestIsQueued</ns2:Status></ns2:MessageMetadata><ns2:SMEVSignature><ds:Signature xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/><ds:SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411\"/><ds:Reference URI=\"#SIGNED_BY_SMEV\"><ds:Transforms><ds:Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/><ds:Transform Algorithm=\"urn://smev-gov-ru/xmldsig/transform\"/></ds:Transforms><ds:DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#gostr3411\"/><ds:DigestValue>0whNgrtZb62iwzjOe3+kCQRRgdN8l6DQW3AoJjIPSxc=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>hQjNldVzD7bZMWd803Ot5aBzGBPvN1gDXukm4La/CWkr0vw61iYMEOciNdip7+D9Wfzw2JSSPu3Ju1bHPRvFrQ==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIH2DCCB4egAwIBAgIRAXILAVZQAHCj6BHaIfbqMnEwCAYGKoUDAgIDMIIBRjEYMBYGBSqFA2QBEg0xMjM0NTY3ODkwMTIzMRowGAYIKoUDA4EDAQESDDAwMTIzNDU2Nzg5MDEpMCcGA1UECQwg0KHRg9GJ0LXQstGB0LrQuNC5INCy0LDQuyDQtC4gMjYxFzAVBgkqhkiG9w0BCQEWCGNhQHJ0LnJ1MQswCQYDVQQGEwJSVTEYMBYGA1UECAwPNzcg0JzQvtGB0LrQstCwMRUwEwYDVQQHDAzQnNC+0YHQutCy0LAxJDAiBgNVBAoMG9Ce0JDQniDQoNC+0YHRgtC10LvQtdC60L7QvDEwMC4GA1UECwwn0KPQtNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDRhtC10L3RgtGAMTQwMgYDVQQDDCvQotC10YHRgtC+0LLRi9C5INCj0KYg0KDQotCaICjQoNCi0JvQsNCx0YEpMB4XDTE4MDMwNzA3Mjc1M1oXDTE5MDMwNzA3Mzc1M1owggELMR8wHQYJKoZIhvcNAQkCDBDQotCh0JzQrdCSM1/QmtCaMRowGAYIKoUDA4EDAQESDDAwNzcwNzA0OTM4ODEYMBYGBSqFA2QBEg0xMDI3NzAwMTk4NzY3MSgwJgYDVQQKDB/Qn9CQ0J4gwqvQoNC+0YHRgtC10LvQtdC60L7QvMK7MSYwJAYDVQQHDB3QodCw0L3QutGCLdCf0LXRgtC10YDQsdGD0YDQszEpMCcGA1UECAwgNzgg0KHQsNC90LrRgi3Qn9C10YLQtdGA0LHRg9GA0LMxCzAJBgNVBAYTAlJVMSgwJgYDVQQDDB/Qn9CQ0J4gwqvQoNC+0YHRgtC10LvQtdC60L7QvMK7MGMwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEDQwAEQMC71XesoJAavwGJgMlhlPywcaFx3HYPwMUIYBhtoglDW3BhQUzgIXFQ6uvD7FUshBl38VH+AXZM/BkzGGzpzFSjggSDMIIEfzAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0OBBYEFItxgSnIqbor48DVSfsV11JpIwXDMIIBiAYDVR0jBIIBfzCCAXuAFD7vGT8PuXmw8eYpIaPkuZW5pe6QoYIBTqSCAUowggFGMRgwFgYFKoUDZAESDTEyMzQ1Njc4OTAxMjMxGjAYBggqhQMDgQMBARIMMDAxMjM0NTY3ODkwMSkwJwYDVQQJDCDQodGD0YnQtdCy0YHQutC40Lkg0LLQsNC7INC0LiAyNjEXMBUGCSqGSIb3DQEJARYIY2FAcnQucnUxCzAJBgNVBAYTAlJVMRgwFgYDVQQIDA83NyDQnNC+0YHQutCy0LAxFTATBgNVBAcMDNCc0L7RgdC60LLQsDEkMCIGA1UECgwb0J7QkNCeINCg0L7RgdGC0LXQu9C10LrQvtC8MTAwLgYDVQQLDCfQo9C00L7RgdGC0L7QstC10YDRj9GO0YnQuNC5INGG0LXQvdGC0YAxNDAyBgNVBAMMK9Ci0LXRgdGC0L7QstGL0Lkg0KPQpiDQoNCi0JogKNCg0KLQm9Cw0LHRgSmCEQFyCwFWUAC5s+cRzzq+NHegMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAnBgkrBgEEAYI3FQoEGjAYMAoGCCsGAQUFBwMCMAoGCCsGAQUFBwMEMB0GA1UdIAQWMBQwCAYGKoUDZHEBMAgGBiqFA2RxAjArBgNVHRAEJDAigA8yMDE4MDMwNzA3Mjc1M1qBDzIwMTkwMzA3MDcyNzUzWjCCATQGBSqFA2RwBIIBKTCCASUMKyLQmtGA0LjQv9GC0L7Qn9GA0L4gQ1NQIiAo0LLQtdGA0YHQuNGPIDMuOSkMLCLQmtGA0LjQv9GC0L7Qn9GA0L4g0KPQpiIgKNCy0LXRgNGB0LjQuCAyLjApDGPQodC10YDRgtC40YTQuNC60LDRgiDRgdC+0L7RgtCy0LXRgtGB0YLQstC40Y8g0KTQodCRINCg0L7RgdGB0LjQuCDihJYg0KHQpC8xMjQtMjUzOSDQvtGCIDE1LjAxLjIwMTUMY9Ch0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC0YHRgtCy0LjRjyDQpNCh0JEg0KDQvtGB0YHQuNC4IOKEliDQodCkLzEyOC0yODgxINC+0YIgMTIuMDQuMjAxNjA2BgUqhQNkbwQtDCsi0JrRgNC40L/RgtC+0J/RgNC+IENTUCIgKNCy0LXRgNGB0LjRjyAzLjkpMGUGA1UdHwReMFwwWqBYoFaGVGh0dHA6Ly9jZXJ0ZW5yb2xsLnRlc3QuZ29zdXNsdWdpLnJ1L2NkcC8zZWVmMTkzZjBmYjk3OWIwZjFlNjI5MjFhM2U0Yjk5NWI5YTVlZTkwLmNybDBXBggrBgEFBQcBAQRLMEkwRwYIKwYBBQUHMAKGO2h0dHA6Ly9jZXJ0ZW5yb2xsLnRlc3QuZ29zdXNsdWdpLnJ1L2NkcC90ZXN0X2NhX3J0bGFiczIuY2VyMAgGBiqFAwICAwNBAAfuLimwLO1RNL+ekh4hgnPu+yyLSiF2xGN4yZqWeA4d5VKU2zxveBMmSb4nvJFZ/3Qod1aQDdlgTRObLhKnEO8=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></ns2:SMEVSignature></ns2:SendRequestResponse></soap:Body></soap:Envelope>";
public static void main(String[] args) throws Exception {
if(!JCPXMLDSigInit.isInitialized()) {
JCPXMLDSigInit.init();
} // if
Transform.register(SmevTransformSpi.ALGORITHM_URN, SmevTransformSpi.class);
final XPathFactory factory = XPathFactory.newInstance();
final XPath xpath = factory.newXPath();
DocumentBuilderFactory dbFactory = DocumentBuilderFactory.newInstance();
dbFactory.setNamespaceAware(true);
Document document = dbFactory.newDocumentBuilder().parse(
new ByteArrayInputStream(XML.getBytes()));
XPathExpression pathExpression = xpath.compile("//*[local-name()='Signature' and namespace-uri()='http://www.w3.org/2000/09/xmldsig#']");
NodeList signatureNodes = (NodeList) pathExpression.evaluate(document, XPathConstants.NODESET);
if (signatureNodes.getLength() == 0) {
throw new Exception("Signature node not found");
} // if
Element signatureElement = (Element) signatureNodes.item(0);
final XMLSignature signature = new XMLSignature(signatureElement, "");
final KeyInfo ki = signature.getKeyInfo();
final X509Certificate certKey = ki.getX509Certificate();
System.out.println("Valid: " + signature.checkSignatureValue(certKey.getPublicKey()));
}
Отлично - работает. Только строчку подправил - вылетало в исключение. Код:Transform.register(SmevTransformSpi.ALGORITHM_URN, SmevTransformSpi.class.getName());
|
|
|
|
|
|
Статус: Эксперт
Группы: Участники
Зарегистрирован: 05.03.2015(UTC) Сообщений: 1,602 Откуда: Иркутская область Сказал(а) «Спасибо»: 110 раз
Поблагодарили: 394 раз в 366 постах
|
Если суммировать - первый код пытался создать подпись из каждого тега с ID и не находил подписи, так как ID естественно стоял не на подписи, а на подписываемом фрагменте. Второй код по ID не ищет, просто выбрали все подписи в документе, потом первую проверили. Правильно я понял? Это не совсем хорошо, так как в ответе СМЭВ может быть несколько подписей (при использовании GetRequest или GetResponse фигурирует еще и ЭП ИС отправителя), а проверять по методическим рекомедациям в первую очередь нужно именно подпись СМЭВ. Поэтому нужно более строгое выражение XPath. Тут конечно уже дело техники, но на заметку тем, кто возможно будет копировать этот код без раздумий. Отредактировано пользователем 19 сентября 2018 г. 5:13:11(UTC)
| Причина: Не указана
|
|
|
|
|
|
Статус: Активный участник
Группы: Участники
Зарегистрирован: 27.04.2016(UTC)
Сообщений: 108
Сказал(а) «Спасибо»: 9 раз
Поблагодарили: 1 раз в 1 постах
|
Автор: two_oceans Если суммировать - первый код пытался создать подпись из каждого тега с ID и не находил подписи, так как ID естественно стоял не на подписи, а на подписываемом фрагменте. Второй код по ID не ищет, просто выбрали все подписи в документе, потом первую проверили. Правильно я понял?
Это не совсем хорошо, так как в ответе СМЭВ может быть несколько подписей (при использовании GetRequest или GetResponse фигурирует еще и ЭП ИС отправителя), а проверять по методическим рекомедациям в первую очередь нужно именно подпись СМЭВ. Поэтому нужно более строгое выражение XPath. Тут конечно уже дело техники, но на заметку тем, кто возможно будет копировать этот код без раздумий. Согласен с Вами - поэтому добавил еще Код:...
String Nameparent=signatureElement.getParentNode().getLocalName();
if (Nameparent.indexOf("SMEVSignature")>=0) {
...
P.S.: Пробегаясь по Код:...
for (int i = 0; i < signatureNodes.getLength(); i++) {
...
Отредактировано пользователем 19 сентября 2018 г. 8:27:31(UTC)
| Причина: Не указана
|
|
|
|
|
|
Статус: Активный участник
Группы: Участники
Зарегистрирован: 19.05.2015(UTC) Сообщений: 41  Сказала «Спасибо»: 4 раз
|
Добрый день! Столкнулись с ситуацией, что подпись СМЭВ3 перестала проходить проверку. Используем код из сообщения выше: Цитата:Вот так проверилась: Сначала получали такой xml-ответ: Код:<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:GetResponseResponse xmlns="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/basic/1.1" xmlns:ns2="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/1.1" xmlns:ns3="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/faults/1.1"><ns2:ResponseMessage><ns2:Response Id="SIGNED_BY_SMEV"><ns2:OriginalMessageId>9bb35f32-c571-11e8-995f-0050569489c2</ns2:OriginalMessageId><ns2:ReferenceMessageID>9bb35f32-c571-11e8-995f-0050569489c2</ns2:ReferenceMessageID><ns2:SenderProvidedResponseData Id="SIGNED_BY_CALLER"><ns2:MessageID>7103a30f-c571-11e8-a2ae-005056897fe0</ns2:MessageID><ns2:To>eyJzaWQiOjEwMzUzMCwibWlkIjoiOWJiMzVmMzItYzU3MS0xMWU4LTk5NWYtMDA1MDU2OTQ4OWMyIiwicmlkIjoiOWJiMzVmMzItYzU3MS0xMWU4LTk5NWYtMDA1MDU2OTQ4OWMyIiwiZW9sIjowLCJzbGMiOiJtaW5jb21zdnlhel9pbnRlcmdyYXRpb25fbW9kdWxlXzEuMC4wX1VzZXJPcmRlclJlcXVlc3QiLCJtbm0iOiI5NjU3MDEifQ==</ns2:To><MessagePrimaryContent><UserOrderResponse:UserOrderResponse xmlns:UserOrderResponse="urn://mincomsvyaz/intergration_module/1.0.1" xmlns="urn://mincomsvyaz/intergration_module/1.0.1" xmlns:ns2="urn://mincomsvyaz/commons/integration_module_types/1.0.1" xmlns:ns3="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/faults/1.2"><statusCode>COMPLETE_ERROR</statusCode><errorStatusInfo><ns2:Code>1</ns2:Code><ns2:Message>Access denied for current sender: ИС не имеет права на вызов сервиса</ns2:Message></errorStatusInfo></UserOrderResponse:UserOrderResponse></MessagePrimaryContent></ns2:SenderProvidedResponseData><ns2:MessageMetadata><ns2:MessageId>7103a30f-c571-11e8-a2ae-005056897fe0</ns2:MessageId><ns2:MessageType>RESPONSE</ns2:MessageType><ns2:Sender><ns2:Mnemonic>MNSV03</ns2:Mnemonic><ns2:HumanReadableName>ЕПГУ</ns2:HumanReadableName></ns2:Sender><ns2:SendingTimestamp>2018-10-01T14:59:25.000+03:00</ns2:SendingTimestamp><ns2:DestinationName>unknown</ns2:DestinationName><ns2:Recipient><ns2:Mnemonic>965701</ns2:Mnemonic><ns2:HumanReadableName>АБС «Омега»</ns2:HumanReadableName></ns2:Recipient><ns2:SupplementaryData><ns2:DetectedContentTypeName>not detected</ns2:DetectedContentTypeName><ns2:InteractionType>NotDetected</ns2:InteractionType></ns2:SupplementaryData><ns2:DeliveryTimestamp>2018-10-01T15:01:23.291+03:00</ns2:DeliveryTimestamp><ns2:Status>responseIsDelivered</ns2:Status></ns2:MessageMetadata><ns2:SenderInformationSystemSignature><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/basic/1.2" xmlns:ns2="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/1.2" xmlns:ns3="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/faults/1.2"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411"/><ds:Reference URI="#SIGNED_BY_CALLER"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:Transform Algorithm="urn://smev-gov-ru/xmldsig/transform"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr3411"/><ds:DigestValue>u1aBxIhXEBFymZhbrmgchCnYIgBbVu6XbXmUSBlS1Ik=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>fjLGQn3d/0nm2fYN5HR4sGg5C8dqgif5o1pA0yMCLp2a2+BFosSkMQTZ+utgKcBy+6VLBAZIxts0Gzt3qWY2Wg==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIIzDCCCHugAwIBAgIRBSg0t5m1aF6y5xE902bvYkcwCAYGKoUDAgIDMIIBRjEYMBYGBSqFA2QBEg0xMDI3NzAwMTk4NzY3MRowGAYIKoUDA4EDAQESDDAwNzcwNzA0OTM4ODElMCMGA1UECQwc0KHRg9GJ0LXQstGB0LrQuNC5INCy0LDQuyAyNjEXMBUGCSqGSIb3DQEJARYIY2FAcnQucnUxCzAJBgNVBAYTAlJVMRUwEwYDVQQIDAzQnNC+0YHQutCy0LAxFTATBgNVBAcMDNCc0L7RgdC60LLQsDEkMCIGA1UECgwb0J/QkNCeINCg0L7RgdGC0LXQu9C10LrQvtC8MR0wGwYDVQQLDBTQntCY0JEg0JTQpNCfINCg0KLQmjFOMEwGA1UEAwxF0KPQtNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDRhtC10L3RgtGAINCf0JDQniAi0KDQvtGB0YLQtdC70LXQutC+0LwiMB4XDTE3MTEyNzA2MjYyMloXDTE4MTEyNzA2MzYyMlowggH5MRcwFQYJKoZIhvcNAQkCDAjQldCf0JPQozEgMB4GCSqGSIb3DQEJARYRc2RAc2MubWluc3Z5YXoucnUxGjAYBggqhQMDgQMBARIMMDA3NzEwNDc0Mzc1MRgwFgYFKoUDZAESDTEwNDc3MDIwMjY3MDExgYEwfwYDVQQKDHjQnNC40L3QuNGB0YLQtdGA0YHRgtCy0L4g0YHQstGP0LfQuCDQuCDQvNCw0YHRgdC+0LLRi9GFINC60L7QvNC80YPQvdC40LrQsNGG0LjQuSDQoNC+0YHRgdC40LnRgdC60L7QuSDQpNC10LTQtdGA0LDRhtC40LgxQDA+BgNVBAkMNzEyNTM3NSwg0LMuINCc0L7RgdC60LLQsCwg0YPQuy4g0KLQstC10YDRgdC60LDRjywg0LQuIDcxFTATBgNVBAcMDNCc0L7RgdC60LLQsDEYMBYGA1UECAwPNzcg0JzQvtGB0LrQstCwMQswCQYDVQQGEwJSVTGBgTB/BgNVBAMMeNCc0LjQvdC40YHRgtC10YDRgdGC0LLQviDRgdCy0Y/Qt9C4INC4INC80LDRgdGB0L7QstGL0YUg0LrQvtC80LzRg9C90LjQutCw0YbQuNC5INCg0L7RgdGB0LjQudGB0LrQvtC5INCk0LXQtNC10YDQsNGG0LjQuDBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcqhQMCAh4BA0MABEAXfpImzh7EwZGlI8nliqHkkfTk2A/swQIqf/GuBlcUY2jXlmjyiTo/8bKW2aelSf10G8ZoqvvyUQ1w/a7KLowFo4IEiTCCBIUwDgYDVR0PAQH/BAQDAgTwMB0GA1UdDgQWBBQ3TG1ZC1jDhP520Sdd9/9KlUdf+TCCAWMGA1UdIwSCAVowggFWgBQmF7XLHe7Kaq8TJklEWdhuS4LRXqGCASmkggElMIIBITEaMBgGCCqFAwOBAwEBEgwwMDc3MTA0NzQzNzUxGDAWBgUqhQNkARINMTA0NzcwMjAyNjcwMTEeMBwGCSqGSIb3DQEJARYPZGl0QG1pbnN2eWF6LnJ1MTwwOgYDVQQJDDMxMjUzNzUg0LMuINCc0L7RgdC60LLQsCDRg9C7LiDQotCy0LXRgNGB0LrQsNGPINC0LjcxLDAqBgNVBAoMI9Cc0LjQvdC60L7QvNGB0LLRj9C30Ywg0KDQvtGB0YHQuNC4MRUwEwYDVQQHDAzQnNC+0YHQutCy0LAxHDAaBgNVBAgMEzc3INCzLiDQnNC+0YHQutCy0LAxCzAJBgNVBAYTAlJVMRswGQYDVQQDDBLQo9CmIDEg0JjQoSDQk9Cj0KaCEQSoHkAFqRhcguYRZccOKb5WMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAdBgNVHSAEFjAUMAgGBiqFA2RxATAIBgYqhQNkcQIwggE0BgUqhQNkcASCASkwggElDCsi0JrRgNC40L/RgtC+0J/RgNC+IENTUCIgKNCy0LXRgNGB0LjRjyAzLjkpDCwi0JrRgNC40L/RgtC+0J/RgNC+INCj0KYiICjQstC10YDRgdC40LggMi4wKQxj0KHQtdGA0YLQuNGE0LjQutCw0YIg0YHQvtC+0YLQstC10YLRgdGC0LLQuNGPINCk0KHQkSDQoNC+0YHRgdC40Lgg4oSWINCh0KQvMTI0LTI1Mzkg0L7RgiAxNS4wMS4yMDE1DGPQodC10YDRgtC40YTQuNC60LDRgiDRgdC+0L7RgtCy0LXRgtGB0YLQstC40Y8g0KTQodCRINCg0L7RgdGB0LjQuCDihJYg0KHQpC8xMjgtMjg4MSDQvtGCIDEyLjA0LjIwMTYwNgYFKoUDZG8ELQwrItCa0YDQuNC/0YLQvtCf0YDQviBDU1AiICjQstC10YDRgdC40Y8gMy45KTCBrAYIKwYBBQUHAQEEgZ8wgZwwNAYIKwYBBQUHMAGGKGh0dHA6Ly9jZXJ0ZW5yb2xsLmNhLnJ0LnJ1L29jc3Avb2NzcC5zcmYwMgYIKwYBBQUHMAKGJmh0dHA6Ly9jZXJ0ZW5yb2xsLmNhLnJ0LnJ1L2NhX3J0azYuY3J0MDAGCCsGAQUFBzAChiRodHRwOi8vcm9zdGVsZWNvbS5ydS9jZHAvY2FfcnRrNi5jcnQwYwYDVR0fBFwwWjAsoCqgKIYmaHR0cDovL2NlcnRlbnJvbGwuY2EucnQucnUvY2FfcnRrNi5jcmwwKqAooCaGJGh0dHA6Ly9yb3N0ZWxlY29tLnJ1L2NkcC9jYV9ydGs2LmNybDArBgNVHRAEJDAigA8yMDE3MTEyNzA2MjYyMVqBDzIwMTgxMTI3MDYyNjIxWjAIBgYqhQMCAgMDQQCdOefyv5uXaDjWrp8BAKZzivxn+pGD6a83Ksp+PjRYLnrT7crvikF/S7j4S2mP2BerDvt1yEBsOLN56x7Hp6nz</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></ns2:SenderInformationSystemSignature></ns2:Response><ns2:SMEVSignature><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411"/><ds:Reference URI="#SIGNED_BY_SMEV"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:Transform Algorithm="urn://smev-gov-ru/xmldsig/transform"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr3411"/><ds:DigestValue>adsXaZZzwJ1n13+i+Z4gymqOc5/S8Kvn34XHVKH4s10=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>LleHQYaIgMKYBMxQWYIalmqgzV4I4RlOFFQnzecHi1Zfjjbl5qx/OBjzZwcdqqjYjbm+01b/GrLkMZo5sShjiw==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIISTCCB/igAwIBAgIRBSg0t5m1aF6y6BEtPruaPfcwCAYGKoUDAgIDMIIBRjEYMBYGBSqFA2QBEg0xMDI3NzAwMTk4NzY3MRowGAYIKoUDA4EDAQESDDAwNzcwNzA0OTM4ODElMCMGA1UECQwc0KHRg9GJ0LXQstGB0LrQuNC5INCy0LDQuyAyNjEXMBUGCSqGSIb3DQEJARYIY2FAcnQucnUxCzAJBgNVBAYTAlJVMRUwEwYDVQQIDAzQnNC+0YHQutCy0LAxFTATBgNVBAcMDNCc0L7RgdC60LLQsDEkMCIGA1UECgwb0J/QkNCeINCg0L7RgdGC0LXQu9C10LrQvtC8MR0wGwYDVQQLDBTQntCY0JEg0JTQpNCfINCg0KLQmjFOMEwGA1UEAwxF0KPQtNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDRhtC10L3RgtGAINCf0JDQniAi0KDQvtGB0YLQtdC70LXQutC+0LwiMB4XDTE4MDQxMjA4MzYxOVoXDTE5MDQxMjA4NDYxOVowggF2MTQwMgYJKoZIhvcNAQkCDCXQodC10YDRgtC40YTQuNC60LDRgiDQrdCfLdCh0JzQrdCSMy4wMRowGAYIKoUDA4EDAQESDDAwNzcwNzA0OTM4ODEYMBYGBSqFA2QBEg0xMDI3NzAwMTk4NzY3MSYwJAYDVQQKDB3Qn9CQ0J4gItCg0L7RgdGC0LXQu9C10LrQvtC8IjFYMFYGA1UECQxPMTkxMDAyLCDQsy4g0KHQsNC90LrRgi3Qn9C10YLQtdGA0LHRg9GA0LMsINGD0LsuINCU0L7RgdGC0L7QtdCy0YHQutC+0LPQviDQtC4xNTEmMCQGA1UEBwwd0KHQsNC90LrRgi3Qn9C10YLQtdGA0LHRg9GA0LMxKTAnBgNVBAgMIDc4INCh0LDQvdC60YIt0J/QtdGC0LXRgNCx0YPRgNCzMQswCQYDVQQGEwJSVTEmMCQGA1UEAwwd0J/QkNCeICLQoNC+0YHRgtC10LvQtdC60L7QvCIwYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARAQhZgobRQnxEUNBj8FGwuE4HeztIWMjISMrsVTi85dcmAHJLZJwoFd/OQmPtpTsGdoM6k3UckNN+t/cy3Lfd3yaOCBIkwggSFMA4GA1UdDwEB/wQEAwIE8DAdBgNVHQ4EFgQUDxL1e+2kYkpUGDrMWP+QXk9dE80wggFjBgNVHSMEggFaMIIBVoAUJhe1yx3uymqvEyZJRFnYbkuC0V6hggEppIIBJTCCASExGjAYBggqhQMDgQMBARIMMDA3NzEwNDc0Mzc1MRgwFgYFKoUDZAESDTEwNDc3MDIwMjY3MDExHjAcBgkqhkiG9w0BCQEWD2RpdEBtaW5zdnlhei5ydTE8MDoGA1UECQwzMTI1Mzc1INCzLiDQnNC+0YHQutCy0LAg0YPQuy4g0KLQstC10YDRgdC60LDRjyDQtC43MSwwKgYDVQQKDCPQnNC40L3QutC+0LzRgdCy0Y/Qt9GMINCg0L7RgdGB0LjQuDEVMBMGA1UEBwwM0JzQvtGB0LrQstCwMRwwGgYDVQQIDBM3NyDQsy4g0JzQvtGB0LrQstCwMQswCQYDVQQGEwJSVTEbMBkGA1UEAwwS0KPQpiAxINCY0KEg0JPQo9CmghEEqB5ABakYXILmEWXHDim+VjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwHQYDVR0gBBYwFDAIBgYqhQNkcQEwCAYGKoUDZHECMIIBNAYFKoUDZHAEggEpMIIBJQwrItCa0YDQuNC/0YLQvtCf0YDQviBDU1AiICjQstC10YDRgdC40Y8gMy45KQwsItCa0YDQuNC/0YLQvtCf0YDQviDQo9CmIiAo0LLQtdGA0YHQuNC4IDIuMCkMY9Ch0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC0YHRgtCy0LjRjyDQpNCh0JEg0KDQvtGB0YHQuNC4IOKEliDQodCkLzEyNC0yNTM5INC+0YIgMTUuMDEuMjAxNQxj0KHQtdGA0YLQuNGE0LjQutCw0YIg0YHQvtC+0YLQstC10YLRgdGC0LLQuNGPINCk0KHQkSDQoNC+0YHRgdC40Lgg4oSWINCh0KQvMTI4LTI4ODEg0L7RgiAxMi4wNC4yMDE2MDYGBSqFA2RvBC0MKyLQmtGA0LjQv9GC0L7Qn9GA0L4gQ1NQIiAo0LLQtdGA0YHQuNGPIDMuOSkwgawGCCsGAQUFBwEBBIGfMIGcMDQGCCsGAQUFBzABhihodHRwOi8vY2VydGVucm9sbC5jYS5ydC5ydS9vY3NwL29jc3Auc3JmMDIGCCsGAQUFBzAChiZodHRwOi8vY2VydGVucm9sbC5jYS5ydC5ydS9jYV9ydGs2LmNydDAwBggrBgEFBQcwAoYkaHR0cDovL3Jvc3RlbGVjb20ucnUvY2RwL2NhX3J0azYuY3J0MGMGA1UdHwRcMFowLKAqoCiGJmh0dHA6Ly9jZXJ0ZW5yb2xsLmNhLnJ0LnJ1L2NhX3J0azYuY3JsMCqgKKAmhiRodHRwOi8vcm9zdGVsZWNvbS5ydS9jZHAvY2FfcnRrNi5jcmwwKwYDVR0QBCQwIoAPMjAxODA0MTIwODM2MThagQ8yMDE5MDQxMjA4MzYxOFowCAYGKoUDAgIDA0EAhRD49mwPqTFeCakkYrqluCQE97RhGd/5sjgTR0SvVbJIja4vO/kYtFWzctaOkVKul3D6HxQy68ORvHDh9jJrHQ==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></ns2:SMEVSignature></ns2:ResponseMessage></ns2:GetResponseResponse></soap:Body></soap:Envelope>
И для него checkSignatureValue() возвращает true. А теперь получаем: Код:<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:GetResponseResponse xmlns="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/basic/1.1" xmlns:ns2="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/1.1" xmlns:ns3="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/faults/1.1"><ns2:ResponseMessage><ns2:Response Id="SIGNED_BY_SMEV"><ns2:OriginalMessageId>56e9a96f-d39d-11e8-b3fd-0050569489c2</ns2:OriginalMessageId><ns2:ReferenceMessageID>56e9a96f-d39d-11e8-b3fd-0050569489c2</ns2:ReferenceMessageID><ns2:SenderProvidedResponseData Id="SIGNED_BY_CALLER"><ns2:MessageID>f284c474-d3a2-11e8-9a8b-0050568925e4</ns2:MessageID><ns2:To>eyJzaWQiOjEwMzUzMCwibWlkIjoiNTZlOWE5NmYtZDM5ZC0xMWU4LWIzZmQtMDA1MDU2OTQ4OWMyIiwicmlkIjoiNTZlOWE5NmYtZDM5ZC0xMWU4LWIzZmQtMDA1MDU2OTQ4OWMyIiwiZW9sIjowLCJzbGMiOiJtaW5jb21zdnlhel9pbnRlcmdyYXRpb25fbW9kdWxlXzEuMC4wX1VzZXJPcmRlclJlcXVlc3QiLCJtbm0iOiI5NjU3MDEifQ==</ns2:To><MessagePrimaryContent><UserOrderResponse:UserOrderResponse xmlns:UserOrderResponse="urn://mincomsvyaz/intergration_module/1.0.1" xmlns="urn://mincomsvyaz/intergration_module/1.0.1" xmlns:ns2="urn://mincomsvyaz/commons/integration_module_types/1.0.1" xmlns:ns3="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/faults/1.2"><statusCode>COMPLETE_SUCCESS</statusCode><limit><ns2:day>10000</ns2:day><ns2:month>100000</ns2:month><ns2:total>9999999</ns2:total></limit><stat><ns2:day>1</ns2:day><ns2:month>1</ns2:month><ns2:total>1</ns2:total></stat><errorStatusInfo><ns2:Code>0</ns2:Code><ns2:Message>OK</ns2:Message></errorStatusInfo></UserOrderResponse:UserOrderResponse></MessagePrimaryContent><RefAttachmentHeaderList><RefAttachmentHeader><uuid>f6ebec2e-03b4-4b0c-bd22-5e1502c8aeae</uuid><Hash>KS3AcRvLHe5ya39cwlH8vtJQAHEj+mXjGmbeT3yVW2M=</Hash><MimeType>application/xml</MimeType><SignaturePKCS7><xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include" href="cid:0eae010e-a9f9-4aac-ab01-bf6aef98b62f-1522476@urn%3A%2F%2Fx-artefacts-smev-gov-ru%2Fservices%2Fmessage-exchange%2Ftypes%2Fbasic%2F1.1"/></SignaturePKCS7></RefAttachmentHeader></RefAttachmentHeaderList></ns2:SenderProvidedResponseData><ns2:MessageMetadata><ns2:MessageId>f284c474-d3a2-11e8-9a8b-0050568925e4</ns2:MessageId><ns2:MessageType>RESPONSE</ns2:MessageType><ns2:Sender><ns2:Mnemonic>MNSV03</ns2:Mnemonic><ns2:HumanReadableName>ЕПГУ</ns2:HumanReadableName></ns2:Sender><ns2:SendingTimestamp>2018-10-19T16:29:05.000+03:00</ns2:SendingTimestamp><ns2:DestinationName>unknown</ns2:DestinationName><ns2:Recipient><ns2:Mnemonic>965701</ns2:Mnemonic><ns2:HumanReadableName>АБС «Омега»</ns2:HumanReadableName></ns2:Recipient><ns2:SupplementaryData><ns2:DetectedContentTypeName>not detected</ns2:DetectedContentTypeName><ns2:InteractionType>NotDetected</ns2:InteractionType></ns2:SupplementaryData><ns2:DeliveryTimestamp>2018-10-23T03:06:39.544+03:00</ns2:DeliveryTimestamp><ns2:Status>responseIsDelivered</ns2:Status></ns2:MessageMetadata><FSAttachmentsList><FSAttachment><uuid>f6ebec2e-03b4-4b0c-bd22-5e1502c8aeae</uuid><UserName>WLcCmEPcdqh9SZFDVdbyMFzyY5LsO1</UserName><Password>jlSlSKCs8mj97Z0clx43WSmnDGfhe3</Password><FileName>/Извещение о состоянии индивидуального лицевого счета застрахованного лица 030-391-017 00.xml</FileName></FSAttachment></FSAttachmentsList><ns2:SenderInformationSystemSignature><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/basic/1.2" xmlns:ns2="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/1.2" xmlns:ns3="urn://x-artefacts-smev-gov-ru/services/message-exchange/types/faults/1.2"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411"/><ds:Reference URI="#SIGNED_BY_CALLER"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:Transform Algorithm="urn://smev-gov-ru/xmldsig/transform"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr3411"/><ds:DigestValue>efrFcnS/ML5ndREh6Fs73KuW+IHCTmVzEDQ/rWqGY7k=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>yAFkyhIxpswblIg1kSFz7nyPDavPxw3SstZBqWDs6FywFxyeFm5djtv8AMBwqvbQgRcrfMKqmEHlHpvXOXD6zQ==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIIzDCCCHugAwIBAgIRBSg0t5m1aF6y5xE902bvYkcwCAYGKoUDAgIDMIIBRjEYMBYGBSqFA2QBEg0xMDI3NzAwMTk4NzY3MRowGAYIKoUDA4EDAQESDDAwNzcwNzA0OTM4ODElMCMGA1UECQwc0KHRg9GJ0LXQstGB0LrQuNC5INCy0LDQuyAyNjEXMBUGCSqGSIb3DQEJARYIY2FAcnQucnUxCzAJBgNVBAYTAlJVMRUwEwYDVQQIDAzQnNC+0YHQutCy0LAxFTATBgNVBAcMDNCc0L7RgdC60LLQsDEkMCIGA1UECgwb0J/QkNCeINCg0L7RgdGC0LXQu9C10LrQvtC8MR0wGwYDVQQLDBTQntCY0JEg0JTQpNCfINCg0KLQmjFOMEwGA1UEAwxF0KPQtNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDRhtC10L3RgtGAINCf0JDQniAi0KDQvtGB0YLQtdC70LXQutC+0LwiMB4XDTE3MTEyNzA2MjYyMloXDTE4MTEyNzA2MzYyMlowggH5MRcwFQYJKoZIhvcNAQkCDAjQldCf0JPQozEgMB4GCSqGSIb3DQEJARYRc2RAc2MubWluc3Z5YXoucnUxGjAYBggqhQMDgQMBARIMMDA3NzEwNDc0Mzc1MRgwFgYFKoUDZAESDTEwNDc3MDIwMjY3MDExgYEwfwYDVQQKDHjQnNC40L3QuNGB0YLQtdGA0YHRgtCy0L4g0YHQstGP0LfQuCDQuCDQvNCw0YHRgdC+0LLRi9GFINC60L7QvNC80YPQvdC40LrQsNGG0LjQuSDQoNC+0YHRgdC40LnRgdC60L7QuSDQpNC10LTQtdGA0LDRhtC40LgxQDA+BgNVBAkMNzEyNTM3NSwg0LMuINCc0L7RgdC60LLQsCwg0YPQuy4g0KLQstC10YDRgdC60LDRjywg0LQuIDcxFTATBgNVBAcMDNCc0L7RgdC60LLQsDEYMBYGA1UECAwPNzcg0JzQvtGB0LrQstCwMQswCQYDVQQGEwJSVTGBgTB/BgNVBAMMeNCc0LjQvdC40YHRgtC10YDRgdGC0LLQviDRgdCy0Y/Qt9C4INC4INC80LDRgdGB0L7QstGL0YUg0LrQvtC80LzRg9C90LjQutCw0YbQuNC5INCg0L7RgdGB0LjQudGB0LrQvtC5INCk0LXQtNC10YDQsNGG0LjQuDBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcqhQMCAh4BA0MABEAXfpImzh7EwZGlI8nliqHkkfTk2A/swQIqf/GuBlcUY2jXlmjyiTo/8bKW2aelSf10G8ZoqvvyUQ1w/a7KLowFo4IEiTCCBIUwDgYDVR0PAQH/BAQDAgTwMB0GA1UdDgQWBBQ3TG1ZC1jDhP520Sdd9/9KlUdf+TCCAWMGA1UdIwSCAVowggFWgBQmF7XLHe7Kaq8TJklEWdhuS4LRXqGCASmkggElMIIBITEaMBgGCCqFAwOBAwEBEgwwMDc3MTA0NzQzNzUxGDAWBgUqhQNkARINMTA0NzcwMjAyNjcwMTEeMBwGCSqGSIb3DQEJARYPZGl0QG1pbnN2eWF6LnJ1MTwwOgYDVQQJDDMxMjUzNzUg0LMuINCc0L7RgdC60LLQsCDRg9C7LiDQotCy0LXRgNGB0LrQsNGPINC0LjcxLDAqBgNVBAoMI9Cc0LjQvdC60L7QvNGB0LLRj9C30Ywg0KDQvtGB0YHQuNC4MRUwEwYDVQQHDAzQnNC+0YHQutCy0LAxHDAaBgNVBAgMEzc3INCzLiDQnNC+0YHQutCy0LAxCzAJBgNVBAYTAlJVMRswGQYDVQQDDBLQo9CmIDEg0JjQoSDQk9Cj0KaCEQSoHkAFqRhcguYRZccOKb5WMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAdBgNVHSAEFjAUMAgGBiqFA2RxATAIBgYqhQNkcQIwggE0BgUqhQNkcASCASkwggElDCsi0JrRgNC40L/RgtC+0J/RgNC+IENTUCIgKNCy0LXRgNGB0LjRjyAzLjkpDCwi0JrRgNC40L/RgtC+0J/RgNC+INCj0KYiICjQstC10YDRgdC40LggMi4wKQxj0KHQtdGA0YLQuNGE0LjQutCw0YIg0YHQvtC+0YLQstC10YLRgdGC0LLQuNGPINCk0KHQkSDQoNC+0YHRgdC40Lgg4oSWINCh0KQvMTI0LTI1Mzkg0L7RgiAxNS4wMS4yMDE1DGPQodC10YDRgtC40YTQuNC60LDRgiDRgdC+0L7RgtCy0LXRgtGB0YLQstC40Y8g0KTQodCRINCg0L7RgdGB0LjQuCDihJYg0KHQpC8xMjgtMjg4MSDQvtGCIDEyLjA0LjIwMTYwNgYFKoUDZG8ELQwrItCa0YDQuNC/0YLQvtCf0YDQviBDU1AiICjQstC10YDRgdC40Y8gMy45KTCBrAYIKwYBBQUHAQEEgZ8wgZwwNAYIKwYBBQUHMAGGKGh0dHA6Ly9jZXJ0ZW5yb2xsLmNhLnJ0LnJ1L29jc3Avb2NzcC5zcmYwMgYIKwYBBQUHMAKGJmh0dHA6Ly9jZXJ0ZW5yb2xsLmNhLnJ0LnJ1L2NhX3J0azYuY3J0MDAGCCsGAQUFBzAChiRodHRwOi8vcm9zdGVsZWNvbS5ydS9jZHAvY2FfcnRrNi5jcnQwYwYDVR0fBFwwWjAsoCqgKIYmaHR0cDovL2NlcnRlbnJvbGwuY2EucnQucnUvY2FfcnRrNi5jcmwwKqAooCaGJGh0dHA6Ly9yb3N0ZWxlY29tLnJ1L2NkcC9jYV9ydGs2LmNybDArBgNVHRAEJDAigA8yMDE3MTEyNzA2MjYyMVqBDzIwMTgxMTI3MDYyNjIxWjAIBgYqhQMCAgMDQQCdOefyv5uXaDjWrp8BAKZzivxn+pGD6a83Ksp+PjRYLnrT7crvikF/S7j4S2mP2BerDvt1yEBsOLN56x7Hp6nz</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></ns2:SenderInformationSystemSignature></ns2:Response><ns2:SMEVSignature><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411"/><ds:Reference URI="#SIGNED_BY_SMEV"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:Transform Algorithm="urn://smev-gov-ru/xmldsig/transform"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr3411"/><ds:DigestValue>fLrXcGOle6OLTo7DHO9R8VzztqW/FptTspZgk1X0ErE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>0TfiqqUjvlIf8lMJi3YYDgXvC1v2cv25lcdmuNS8Z1B+lDHB6ZT2BuXitsTWh0eWPb/Z/G+oCkkoPTknqsmSjg==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIISTCCB/igAwIBAgIRBSg0t5m1aF6y6BEtPruaPfcwCAYGKoUDAgIDMIIBRjEYMBYGBSqFA2QBEg0xMDI3NzAwMTk4NzY3MRowGAYIKoUDA4EDAQESDDAwNzcwNzA0OTM4ODElMCMGA1UECQwc0KHRg9GJ0LXQstGB0LrQuNC5INCy0LDQuyAyNjEXMBUGCSqGSIb3DQEJARYIY2FAcnQucnUxCzAJBgNVBAYTAlJVMRUwEwYDVQQIDAzQnNC+0YHQutCy0LAxFTATBgNVBAcMDNCc0L7RgdC60LLQsDEkMCIGA1UECgwb0J/QkNCeINCg0L7RgdGC0LXQu9C10LrQvtC8MR0wGwYDVQQLDBTQntCY0JEg0JTQpNCfINCg0KLQmjFOMEwGA1UEAwxF0KPQtNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDRhtC10L3RgtGAINCf0JDQniAi0KDQvtGB0YLQtdC70LXQutC+0LwiMB4XDTE4MDQxMjA4MzYxOVoXDTE5MDQxMjA4NDYxOVowggF2MTQwMgYJKoZIhvcNAQkCDCXQodC10YDRgtC40YTQuNC60LDRgiDQrdCfLdCh0JzQrdCSMy4wMRowGAYIKoUDA4EDAQESDDAwNzcwNzA0OTM4ODEYMBYGBSqFA2QBEg0xMDI3NzAwMTk4NzY3MSYwJAYDVQQKDB3Qn9CQ0J4gItCg0L7RgdGC0LXQu9C10LrQvtC8IjFYMFYGA1UECQxPMTkxMDAyLCDQsy4g0KHQsNC90LrRgi3Qn9C10YLQtdGA0LHRg9GA0LMsINGD0LsuINCU0L7RgdGC0L7QtdCy0YHQutC+0LPQviDQtC4xNTEmMCQGA1UEBwwd0KHQsNC90LrRgi3Qn9C10YLQtdGA0LHRg9GA0LMxKTAnBgNVBAgMIDc4INCh0LDQvdC60YIt0J/QtdGC0LXRgNCx0YPRgNCzMQswCQYDVQQGEwJSVTEmMCQGA1UEAwwd0J/QkNCeICLQoNC+0YHRgtC10LvQtdC60L7QvCIwYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARAQhZgobRQnxEUNBj8FGwuE4HeztIWMjISMrsVTi85dcmAHJLZJwoFd/OQmPtpTsGdoM6k3UckNN+t/cy3Lfd3yaOCBIkwggSFMA4GA1UdDwEB/wQEAwIE8DAdBgNVHQ4EFgQUDxL1e+2kYkpUGDrMWP+QXk9dE80wggFjBgNVHSMEggFaMIIBVoAUJhe1yx3uymqvEyZJRFnYbkuC0V6hggEppIIBJTCCASExGjAYBggqhQMDgQMBARIMMDA3NzEwNDc0Mzc1MRgwFgYFKoUDZAESDTEwNDc3MDIwMjY3MDExHjAcBgkqhkiG9w0BCQEWD2RpdEBtaW5zdnlhei5ydTE8MDoGA1UECQwzMTI1Mzc1INCzLiDQnNC+0YHQutCy0LAg0YPQuy4g0KLQstC10YDRgdC60LDRjyDQtC43MSwwKgYDVQQKDCPQnNC40L3QutC+0LzRgdCy0Y/Qt9GMINCg0L7RgdGB0LjQuDEVMBMGA1UEBwwM0JzQvtGB0LrQstCwMRwwGgYDVQQIDBM3NyDQsy4g0JzQvtGB0LrQstCwMQswCQYDVQQGEwJSVTEbMBkGA1UEAwwS0KPQpiAxINCY0KEg0JPQo9CmghEEqB5ABakYXILmEWXHDim+VjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwHQYDVR0gBBYwFDAIBgYqhQNkcQEwCAYGKoUDZHECMIIBNAYFKoUDZHAEggEpMIIBJQwrItCa0YDQuNC/0YLQvtCf0YDQviBDU1AiICjQstC10YDRgdC40Y8gMy45KQwsItCa0YDQuNC/0YLQvtCf0YDQviDQo9CmIiAo0LLQtdGA0YHQuNC4IDIuMCkMY9Ch0LXRgNGC0LjRhNC40LrQsNGCINGB0L7QvtGC0LLQtdGC0YHRgtCy0LjRjyDQpNCh0JEg0KDQvtGB0YHQuNC4IOKEliDQodCkLzEyNC0yNTM5INC+0YIgMTUuMDEuMjAxNQxj0KHQtdGA0YLQuNGE0LjQutCw0YIg0YHQvtC+0YLQstC10YLRgdGC0LLQuNGPINCk0KHQkSDQoNC+0YHRgdC40Lgg4oSWINCh0KQvMTI4LTI4ODEg0L7RgiAxMi4wNC4yMDE2MDYGBSqFA2RvBC0MKyLQmtGA0LjQv9GC0L7Qn9GA0L4gQ1NQIiAo0LLQtdGA0YHQuNGPIDMuOSkwgawGCCsGAQUFBwEBBIGfMIGcMDQGCCsGAQUFBzABhihodHRwOi8vY2VydGVucm9sbC5jYS5ydC5ydS9vY3NwL29jc3Auc3JmMDIGCCsGAQUFBzAChiZodHRwOi8vY2VydGVucm9sbC5jYS5ydC5ydS9jYV9ydGs2LmNydDAwBggrBgEFBQcwAoYkaHR0cDovL3Jvc3RlbGVjb20ucnUvY2RwL2NhX3J0azYuY3J0MGMGA1UdHwRcMFowLKAqoCiGJmh0dHA6Ly9jZXJ0ZW5yb2xsLmNhLnJ0LnJ1L2NhX3J0azYuY3JsMCqgKKAmhiRodHRwOi8vcm9zdGVsZWNvbS5ydS9jZHAvY2FfcnRrNi5jcmwwKwYDVR0QBCQwIoAPMjAxODA0MTIwODM2MThagQ8yMDE5MDQxMjA4MzYxOFowCAYGKoUDAgIDA0EAhRD49mwPqTFeCakkYrqluCQE97RhGd/5sjgTR0SvVbJIja4vO/kYtFWzctaOkVKul3D6HxQy68ORvHDh9jJrHQ==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></ns2:SMEVSignature></ns2:ResponseMessage></ns2:GetResponseResponse></soap:Body></soap:Envelope>
И checkSignatureValue() возвращает false Код:окт 23, 2018 11:41:21 AM org.apache.xml.security.signature.Reference verify
WARNING: Verification failed for URI "#SIGNED_BY_SMEV"
окт 23, 2018 11:41:21 AM org.apache.xml.security.signature.Reference verify
WARNING: Expected Digest: fLrXcGOle6OLTo7DHO9R8VzztqW/FptTspZgk1X0ErE=
окт 23, 2018 11:41:21 AM org.apache.xml.security.signature.Reference verify
WARNING: Actual Digest: vPVN3fwCRL67Cfte1odPxC9arU17VaZmF6ySvyiQZZ4=
Подскажите, пожалуйста, в чем может быть проблема?] (*,)
|
|
|
|
|
|
Статус: Сотрудник
Группы: Участники
Зарегистрирован: 06.12.2008(UTC) Сообщений: 3,919 Откуда: Крипто-Про Сказал(а) «Спасибо»: 20 раз
Поблагодарили: 688 раз в 649 постах
|
Здравствуйте. Ответ от Ростелекома? Вероятно, проблема где-то в каноникализации данных. Чем они создают подпись на своей стороне? Есть ли образец каноникализированных данных при подписи, чтобы сравнить его с аналогичным логом при проверке? Отредактировано пользователем 23 октября 2018 г. 12:13:31(UTC)
| Причина: Не указана |
|
|
|
|
|
|
Быстрый переход
Вы не можете создавать новые темы в этом форуме.
Вы не можете отвечать в этом форуме.
Вы не можете удалять Ваши сообщения в этом форуме.
Вы не можете редактировать Ваши сообщения в этом форуме.
Вы не можете создавать опросы в этом форуме.
Вы не можете голосовать в этом форуме.
Important Information:
The Форум КриптоПро uses cookies. By continuing to browse this site, you are agreeing to our use of cookies.
More Details
Close
